Bug 486739
Summary: | satellite install, selinux denials MonitoringScout | ||
---|---|---|---|
Product: | Red Hat Satellite 5 | Reporter: | wes hayutin <whayutin> |
Component: | Installer | Assignee: | Jan Pazdziora <jpazdziora> |
Status: | CLOSED NOTABUG | QA Contact: | wes hayutin <whayutin> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 530 | CC: | bperkins |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | na | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-03-16 14:01:08 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 457079 |
Description
wes hayutin
2009-02-21 16:27:32 UTC
What did you do after that installation? After the installer said * Deploying configuration files. * Update configuration in database. * Setting up Cobbler.. * Restarting services. Installation complete. Visit https://your-satellite.redhat.com to create the RHN Satellite administrator account. what other steps did you make? Did you go to the WebUI and activate monitoring? Or is this without even activating monitoring? Generally, these look like leaked descriptors from whatever automation tool you are using. Please provide info about how exactly you run those installations. Then sat install ran, then I get the audit log... nothing.. else was done Wes confirmed that the installation was run under screen and that re-running the installation without screen does not generate the AVC denials. So currently it looks like leaked file descriptor in screen. running w/ the correct version of screen did NOT produce this error.. I think we can close this. recreated this error on a x86_64 install w/o screen type=AVC msg=audit(1235593563.492:118): avc: denied { sigchld } for pid=9971 comm="MonitoringScout" scontext=root:system_r:spacewalk_monitoring_t:s0 tcontext=root:system_r:initrc_t:s0 tcla ss=process [root@test02-64 ~]# ps -ef | grep 9971 root 26849 20185 0 15:48 pts/1 00:00:00 grep 9971 Wes, the original report was not about sigchld, if was about read/write on unix_stream_socket. It's not the same issue. We will need new, full bugzilla, describing exactly what you did when you got this sigchld denial -- was it during installation, when services were first restarted, when you activated monitoring, etc. The same problem as bug 486742: screen possibly leaking descriptors was leading to AVC denials. Closing as NOTABUG as it's not strictly speaking a duplicate -- the cause was the same but the symptoms showed in different programs. |